Overview

overview

10

Static

static

55e377db55...1a.exe

windows7-x64

6

55e377db55...1a.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    55e377db55d8fb13f5e8f9b7f6a75cc50ed32f8f32d2b4f8f8f81c1d1134cd1a

  • Size

    315KB

  • Sample

    220725-hbekdsaghq

  • MD5

    300764e02285778890e7dc356954ab16

  • SHA1

    99bbc7c4ae2f800bcdb48af617a32e2cc5214173

  • SHA256

    55e377db55d8fb13f5e8f9b7f6a75cc50ed32f8f32d2b4f8f8f81c1d1134cd1a

  • SHA512

    c0793a6c28467d8a6761aca3de2df08601389234c0c2235bf1a23a65fe1e8aa650bb5374a5bac8036f275594739a1ff0d501d34181e186ece58f76c9bfe7b49a

Score
10/10
discoverysuricata

Malware Config

Targets

    • Target

      55e377db55d8fb13f5e8f9b7f6a75cc50ed32f8f32d2b4f8f8f81c1d1134cd1a

    • Size

      315KB

    • MD5

      300764e02285778890e7dc356954ab16

    • SHA1

      99bbc7c4ae2f800bcdb48af617a32e2cc5214173

    • SHA256

      55e377db55d8fb13f5e8f9b7f6a75cc50ed32f8f32d2b4f8f8f81c1d1134cd1a

    • SHA512

      c0793a6c28467d8a6761aca3de2df08601389234c0c2235bf1a23a65fe1e8aa650bb5374a5bac8036f275594739a1ff0d501d34181e186ece58f76c9bfe7b49a

    Score
    10/10
    discoverysuricata

    • suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole

      suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole

      suricata

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks